The policy authorizes Meta to share user data collected on Threads with advertisers, analytics and measurement companies, and service providers, for purposes including advertising delivery, measurement, and product improvement.
This analysis describes what Threads's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision establishes that personal data collected on Threads, including behavioral and interaction data, is shared with categories of third parties beyond Meta's own products, including external advertisers and measurement vendors. The breadth of the partner categories listed means user data may flow to entities outside Meta's direct operational control.
Interpretive note: The policy does not enumerate specific third-party recipients or describe the contractual safeguards applied to each partner category, limiting assessment of the full scope of sharing.
The updated policy no longer explicitly discloses that user interactions with AI systems will be used to improve Meta's AI, nor does it describe how data is shared or collected in specific detail. Previously, the policy offered a 24/7 AI support assistant and clear pathways to manage or delete account data; these references are now absent. The removal of these disclosures does not necessarily mean the practices have stopped, but users no longer have explicit written confirmation of these features or data uses within the published policy.
View change record →The updated policy establishes that interactions with Meta's AI assistant will be used to improve Meta's AI systems. The policy states that by using the service, users agree to Meta's AI terms. Previously, the policy did not explicitly disclose this use of conversational data for AI training purposes. This means user conversations with the AI support assistant are now expressly authorized for use in improving Meta's broader AI infrastructure.
View change record →The updated policy narrows the terms users explicitly agree to by using the service from a three-part agreement (Meta Terms, AI terms, and Privacy Policy) to AI terms only. The policy now explicitly discloses that interactions with AIs will be used to improve AI at Meta. This means continued use of the service constitutes acceptance of this narrower agreement scope and explicit participation in AI training data use. You should review Meta's AI terms directly to understand what they cover and what controls, if any, are available.
View change record →Separated and clarified third-party data sharing as a distinct provision, specifically naming advertisers and measurement partners as recipients.
View full change record →Under this clause, personal data including activity, device identifiers, and behavioral data may be shared with advertisers, measurement partners, and service providers. The agreement does not enumerate specific third-party recipients, which limits users' ability to assess the full scope of external data flows.
How other platforms handle this
We may share your personal information with third parties in the following circumstances: with service providers who perform services on our behalf; with business partners with whom we jointly offer products or services; in connection with, or during negotiations of, any merger, sale of company asse...
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
Loyalty and partner program companies. We share information with our loyalty and partner program companies, like Ulta Beauty and Marriott.
Monitoring
Threads has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We share information with third-party partners, including advertisers, measurement partners, and service providers who help us provide and improve our services.— Excerpt from Threads's Threads Privacy Policy
1. REGULATORY LANDSCAPE: This provision engages GDPR requirements for controller-to-controller and controller-to-processor data transfers, including Article 28 (processor agreements) and Article 26 (joint controller arrangements where applicable). Under CCPA/CPRA, sharing personal information with advertising and measurement partners for cross-context behavioral advertising constitutes 'sharing' for which California residents have opt-out rights. The FTC Act applies to any deceptive characterization of third-party sharing practices. 2. GOVERNANCE EXPOSURE: Medium. Third-party data sharing for advertising and measurement is a standard practice among large social media platforms; however, the policy's non-enumeration of specific recipients creates compliance documentation gaps, particularly for organizations required to maintain records of processing activities under GDPR Article 30. 3. JURISDICTION FLAGS: EU/EEA users are protected by GDPR's onward transfer requirements, and any transfer to third-party partners outside the EEA must be covered by an appropriate transfer mechanism. California residents can opt out of sharing with advertising and measurement partners. Illinois BIPA exposure is possible if biometric-adjacent data (e.g., facial recognition in photos) is shared with third parties, though this is not explicitly addressed in the excerpt. 4. CONTRACT AND VENDOR IMPLICATIONS: Procurement teams integrating Threads data or Meta advertising tools should assess whether the downstream third-party sharing described in this provision is consistent with their own privacy notices and consent mechanisms. Where Meta acts as a service provider, the scope of permitted third-party sharing by Meta may affect the characterization of the relationship under CPRA. 5. COMPLIANCE CONSIDERATIONS: Legal teams should evaluate whether their organization's privacy disclosures to end users accurately describe that data shared with Meta via advertising tools may be further shared with Meta's measurement and advertising partners. Records of processing activities should reflect this downstream sharing chain.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision establishes that personal data collected on Threads, including behavioral and interaction data, is shared with categories of third parties beyond Meta's own products, including external advertisers and measurement vendors. The breadth of the partner categories listed means user data may flow to entities outside Meta's direct operational control.
Under this clause, personal data including activity, device identifiers, and behavioral data may be shared with advertisers, measurement partners, and service providers. The agreement does not enumerate specific third-party recipients, which limits users' ability to assess the full scope of external data flows.
ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Threads.